Cross-Site Scripting Vulnerability in eClinicalWorks Population Health (CCMR) Login.jsp

Cross-Site Scripting Vulnerability in eClinicalWorks Population Health (CCMR) Login.jsp

CVE-2015-4591 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.jsp which allows remote unauthenticated users to inject arbitrary javascript via the strMessage parameter.

Learn more about our User Device Pen Test.